<?php 
$page_title='Upload a File';
include './includes/header.html';

$counter=3;//number of files to allow for
if (isset($_POST['submitted'])){
	require_once 'mysql_connect.php';
	for ($i=0;$i<$counter;$i++){
		$filename='upload'.$i;
		$description='description'.$i;
		
		//check a file
		if (isset($_FILES[$filename])&&($_FILES[$filename]['error']!=4)){
			if (!empty($_POST[$description])){
				$d="'".escape_data($_POST[$description])."'";
			}else{
				$d='NULL';//???
			}
			
			//add record to the database
			$query="insert into uploads(file_name,file_size,file_type,description) values ('{$_FILES[$filename]['name']}',{$_FILES[$filename]['size']},'{$_FILES[$filename]['type']}',$d)";
			$result=mysql_query($query);
			if ($result){
				//return the upload id
				$upload_id=mysql_insert_id();
				//move the file over
				if (move_uploaded_file($_FILES[$filename]['tmp_name'], "../uploads/$upload_id")){
					echo '<p>File number '.($i+1).' has been uploaded!</p>';
				}else {
					echo '<p><font color="red">File number '.($i+1).' could not be moved.</font></p> ';
					$query="delete from uploads where upload_id=$upload_id";
					$result=mysql_query($query);
				}
			}else {//not run ok
				echo '<p><font color="red">Your submission could not be processed</font></p> ';
			}
		}
	}//end of for loop
	mysql_close();
}
?>
<form enctype="multipart/form-data" action="add_file.php" method="post">
	<fieldset><legend>Fill out the form to up load a file:</legend>
	<input type="hidden" name="MAX_FILE_SIZE" value="524288"/>
	<?php 
	for ($i=0;$i<$counter;$i++){
		echo '<p><b>File:</b><input type="file" name="upload'.$i.'"/></p>
		<p><b>Description:</b><textarea name ="description'.$i.'" cols="40" rows="5"></textarea></p></br>
		';
	}
	?>
	</fieldset>
	<input type="hidden" name="submitted" value="TRUE" />
	<div align="center"><input type="submit" name="submit" value="Submit" /></div>
</form>
<?php 
include './includes/footer.html';
?>












